package tech.jabari.user.controller;

import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import tech.jabari.constants.UMSConstant;

import javax.servlet.ServletException;
import javax.servlet.http.HttpSession;
import java.io.IOException;

import static tech.jabari.constants.UMSConstant.ACCESS_DENY_URL;

/**
 * 欢迎界面控制器。
 */
@Controller
public class WelcomeController {

    @GetMapping("/welcome.action")
    protected String welcome(HttpSession session) throws ServletException, IOException {
        // 获取session对象中的key的值。
        Object keyObj = session.getAttribute(UMSConstant.WELCOME_URL_KEY);
        //权限限制：必须是登录用户才可以访问
        String key = null;
        if (keyObj != null) {
            key = keyObj.toString();
        }
        if (null == key || !UMSConstant.WELCOME_CAN_ACCESS.equals(key)) {
            System.err.println("----------非法访问！！！");
            return "redirect:" + ACCESS_DENY_URL;
        }
        return "redirect:" + "/welcome.html";
    }
}
